package com.jxy.homepage.security.jwt.security;

import com.jxy.homepage.security.jwt.JwtAuthenticationTokenFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * SecurityConfig
 *
 * @author Jxy
 * @date 2022/1/7
 * @Description
 * 需要经过身份验证的用户才能与应用程序进行任何交互
 * 生成默认登录表单
 * 使用 BCrypt 保护密码存储
 * CSRF 攻击预防
 * 安全标头集成
 * 让用户退出
 *
 */
@Configuration
public class SecurityConfig {

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Bean
    public FilterRegistrationBean registration(JwtAuthenticationTokenFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean(filter);
        registration.setEnabled(false);
        return registration;
    }
}
